Apply new or updated Kubernetes manifests to the cluster. Use when deploying a new app, updating a HelmRelease, or iterating on manifest configuration. Handles pausing FluxCD, applying and verifying changes manually, committing, then resuming reconciliation.
Apply and verify changes to $ARGUMENTS in this cluster, following the safe FluxCD workflow.
Manifests live under fluxcd/clusters/pi/. Common app paths:
fluxcd/clusters/pi/home/<app>/ — home-namespace apps (sonarr, qbit, immich, etc.)fluxcd/clusters/pi/<component>/ — infrastructure (cert-manager, traefik, longhorn, etc.)Before touching any manifests, suspend reconciliation for the affected resource(s) so FluxCD doesn't overwrite your changes:
# Suspend a HelmRelease
flux suspend helmrelease <name> -n <namespace>
# Suspend a Kustomization (if editing raw manifests)
flux suspend kustomization <name> -n <namespace>
Confirm suspension:
flux get helmrelease <name> -n <namespace>
# Should show: Suspended: True
Edit the manifest files, then apply directly:
# Apply a single file
kubectl apply -f fluxcd/clusters/pi/home/<app>/<file>.yaml
# Apply the whole app directory
kubectl apply -f fluxcd/clusters/pi/home/<app>/
# For HelmRelease values changes: trigger an upgrade
flux reconcile helmrelease <name> -n <namespace>
Check pod status — do NOT immediately delete pods after a reconcile:
kubectl get pods -n <namespace> -w
kubectl describe pod <pod> -n <namespace>
kubectl logs <pod> -n <namespace> --tail=50
For HelmRelease changes, wait for the upgrade to complete before assessing pod state:
flux get helmrelease <name> -n <namespace>
kubectl rollout status deployment/<name> -n <namespace>
# or for StatefulSets:
kubectl rollout status statefulset/<name> -n <namespace>
Only delete a pod manually if ALL of these are true:
kubectl get statefulset <name> -n <namespace> shows updateRevision != currentRevisionCrashLoopBackOff preventing the rolling updatekubectl describe pod for memory limits — increase if neededimagePullPolicy and tag-<index>)nodeName — use nodeSelector: {kubernetes.io/hostname: <node>} insteadOnce the configuration is verified working, commit all changed manifest files:
# Stage specific files (prefer over git add -A)
git add fluxcd/clusters/pi/home/<app>/
git commit -m "<type>(<app>): <description>"
git push
Commit message conventions from this repo:
feat(sonarr): add private instancefix(qbit): increase gluetun memory limit to 384Michore(deps): update helmrelease versionAfter pushing, resume and let FluxCD take over:
flux resume helmrelease <name> -n <namespace>
# or
flux resume kustomization <name> -n <namespace>
Then trigger a full reconcile to confirm FluxCD picks up the pushed state cleanly:
flux reconcile source git flux-system
flux reconcile kustomization flux-system
# Only if the HelmRelease needs a forced re-run:
flux reconcile helmrelease <name> -n <namespace>
Verify FluxCD shows the resource as Ready:
flux get helmrelease <name> -n <namespace>
# Should show: Ready: True, Suspended: False
flux reconcile helmrelease with kubectl delete pod — wait for Helm to finish first-n <namespace>, not --namespace